Why is Spring Security working in Tomcat but not when deployed to Weblogic?

Question

I\'m not really a Java developer, but a project for a client has required me to be, so maybe I\'m missing something glaringly obvious.

I\'m using SpringBoot and ever

Answer 1

For the record and perhaps a little late, i recently ran into the same issue (amongst others) and got Spring Security (4.0.0.RELEASE) using Spring MVC (4.1.1.RELEASE) (not Spring Boot, so not using the FilterRegistrationBean as sugested above) working on Weblogic 12.1.3. With thanks to Rob Winch for the Filterchain addition (solving the problem of all url's being accessable without security). Implementing the WebApplicationInitializer and overriding the onStart method as follows does the trick:

    // Create the 'root' Spring application context
    AnnotationConfigWebApplicationContext rootContext = new AnnotationConfigWebApplicationContext();
    rootContext.register(SecurityConfiguration.class);

    // Manage the lifecycle of the root application context
    container.addListener(new ContextLoaderListener(rootContext));

    // Create the dispatcher servlet's Spring application context
    AnnotationConfigWebApplicationContext dispatcherServlet = new AnnotationConfigWebApplicationContext();
    dispatcherServlet.register(WebMvcConfiguration.class);

    // Register and map the dispatcher servlet
    ServletRegistration.Dynamic dispatcher = container.addServlet("dispatcher", new DispatcherServlet(dispatcherServlet));
    dispatcher.setLoadOnStartup(1);
    dispatcher.addMapping("/");

    // Register spring security FilterChain
    FilterRegistration.Dynamic registration = container.addFilter("springSecurityFilterChain", DelegatingFilterProxy.class);
    EnumSet dispatcherTypes = EnumSet.of(DispatcherType.REQUEST, DispatcherType.ERROR, DispatcherType.ASYNC);
    registration.addMappingForUrlPatterns(dispatcherTypes, true, "/*");